package com.jxdinfo.hussar.support.security.integration.authentication.support;

import com.jxdinfo.hussar.platform.core.support.service.dto.UserDetails;
import com.jxdinfo.hussar.platform.core.utils.HussarUtils;
import com.jxdinfo.hussar.support.cache.util.HussarCacheUtil;
import com.jxdinfo.hussar.support.security.core.dto.LoginUserAuthorizationDTO;
import com.jxdinfo.hussar.support.security.core.properties.HussarReloadUserAuthorizationProperties;
import com.jxdinfo.hussar.support.security.core.session.SecuritySession;
import com.jxdinfo.hussar.support.security.core.session.TokenSession;
import com.jxdinfo.hussar.support.security.core.session.TokenSign;
import com.jxdinfo.hussar.support.security.core.stp.SecurityUtil;
import com.jxdinfo.hussar.support.security.integration.authentication.support.utils.HussarSecurityUtils;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/jxdinfo/hussar/support/security/integration/authentication/support/AbstractUserAuthorizationReloader.class */
public abstract class AbstractUserAuthorizationReloader {
    private static final Logger logger = LoggerFactory.getLogger(AbstractUserAuthorizationReloader.class);
    protected static final String HUSSAR_USER_AUTHORIZATION_CHANGE = "hussar_user_authorization_change";
    protected static final String ROLES_LIST = "rolesList";
    protected static final String PERMISSIONS_CHECKSUM = "permissionsChecksum";
    protected static final String PERMISSIONS = "permissions";

    @Resource
    private HussarReloadUserAuthorizationProperties properties;

    public void reload(String str) {
        if (this.properties.getEnable().booleanValue() && HussarUtils.isNotEmpty(str)) {
            UserDetails loginUserDetails = HussarSecurityUtils.getLoginUserDetails(str);
            if (HussarUtils.isNotEmpty(loginUserDetails)) {
                Long userId = loginUserDetails.getUserId();
                if (HussarCacheUtil.containKey(HUSSAR_USER_AUTHORIZATION_CHANGE, userId)) {
                    List<String> arrayList = new ArrayList();
                    try {
                        arrayList = doReload(userId, loginUserDetails);
                    } catch (Exception e) {
                        logger.error("权限信息变更后，刷新已登录用户缓存失败, userId = {}", userId, e);
                    }
                    try {
                        callback(userId, arrayList);
                    } catch (Exception e2) {
                        logger.error("权限信息变更，刷新登录用户缓存后执行回调方法失败, userId = {}", userId, e2);
                    }
                }
            }
        }
    }

    private List<String> doReload(Long l, UserDetails userDetails) {
        LoginUserAuthorizationDTO generateUserLatestAuthorization = generateUserLatestAuthorization(l);
        if (!HussarUtils.isEmpty(generateUserLatestAuthorization) && isUserAuthorizationChanged(generateUserLatestAuthorization, userDetails)) {
            List<String> loginTickets = getLoginTickets(l);
            ArrayList arrayList = new ArrayList();
            if (HussarUtils.isNotEmpty(loginTickets)) {
                for (String str : loginTickets) {
                    TokenSession tokenSession = SecurityUtil.getTokenSession(str);
                    if (HussarUtils.isEmpty(tokenSession)) {
                        logger.warn("通过loginTicket = {} 获取tokenSession为空", str);
                    } else {
                        UserDetails userDetails2 = tokenSession.getUserDetails();
                        userDetails2.addExtendUserMap(ROLES_LIST, generateUserLatestAuthorization.getRoleIds());
                        if (generateUserLatestAuthorization.getPermissionsChecksum() != null) {
                            userDetails2.addExtendUserMap(PERMISSIONS_CHECKSUM, generateUserLatestAuthorization.getPermissionsChecksum());
                        } else {
                            userDetails2.addExtendUserMap(PERMISSIONS, generateUserLatestAuthorization.getPermissions());
                        }
                        Map extendMap = generateUserLatestAuthorization.getExtendMap();
                        if (HussarUtils.isNotEmpty(extendMap)) {
                            userDetails2.getClass();
                            extendMap.forEach(userDetails2::addExtendUserMap);
                        }
                        tokenSession.setUserDetails(userDetails2);
                        SecurityUtil.updateTokenSession(str, tokenSession);
                        arrayList.add(userDetails2.getAccessToken());
                    }
                }
            }
            HussarCacheUtil.evict(HUSSAR_USER_AUTHORIZATION_CHANGE, l);
            return arrayList;
        }
        return new ArrayList();
    }

    protected boolean isUserAuthorizationChanged(LoginUserAuthorizationDTO loginUserAuthorizationDTO, UserDetails userDetails) {
        if (HussarUtils.equals(loginUserAuthorizationDTO.getRoleIds(), userDetails.getExtendUserMap(ROLES_LIST)) && !HussarUtils.isNotEmpty(loginUserAuthorizationDTO.getExtendMap())) {
            return (HussarUtils.isNotEmpty(loginUserAuthorizationDTO.getPermissionsChecksum()) && HussarUtils.isNotEmpty(userDetails.getExtendUserMap(PERMISSIONS_CHECKSUM))) ? !HussarUtils.equals(loginUserAuthorizationDTO.getPermissionsChecksum(), userDetails.getExtendUserMap(PERMISSIONS_CHECKSUM)) : (loginUserAuthorizationDTO.getPermissions() == null || userDetails.getExtendUserMap(PERMISSIONS) == null || HussarUtils.equals(loginUserAuthorizationDTO.getPermissions(), userDetails.getExtendUserMap(PERMISSIONS))) ? false : true;
        }
        return true;
    }

    public abstract LoginUserAuthorizationDTO generateUserLatestAuthorization(Long l);

    public void callback(Long l, List<String> list) {
    }

    private List<String> getLoginTickets(Long l) {
        ArrayList arrayList = new ArrayList();
        SecuritySession sessionByLoginId = SecurityUtil.getSessionByLoginId(l);
        if (sessionByLoginId != null) {
            Iterator it = sessionByLoginId.getTokenSignList().iterator();
            while (it.hasNext()) {
                arrayList.add(((TokenSign) it.next()).getValue());
            }
        }
        return arrayList;
    }
}
